using SecuBat.Analysis.Common;
using SecuBat.AttackPlugin;

namespace SecuBat.AttackPlugins.SimpleSqlInsertion
{
	/// <summary>
	/// Summary description for TestAnalysis.
	/// </summary>
	[AnalysisPlugin]
	public class SimpleSqlInsertionAnalysis : SimpleKeywordAnalysis, IAnalysis
	{
		public SimpleSqlInsertionAnalysis(ICommonData data) : base(data, new WeightedKeywordCollection())
		{
			Keywords.Add(new WeightedKeyword("oledb", 60));
			Keywords.Add(new WeightedKeyword("sql", 40));
			Keywords.Add(new WeightedKeyword("odbc", 60));
			Keywords.Add(new WeightedKeyword("syntax error", 50));
			Keywords.Add(new WeightedKeyword("sql server", 70));
			Keywords.Add(new WeightedKeyword("mysql", 60));
			Keywords.Add(new WeightedKeyword("incorrect syntax", 70));
			Keywords.Add(new WeightedKeyword("status 500", 75));
			Keywords.Add(new WeightedKeyword("apache", 35));
			Keywords.Add(new WeightedKeyword("tomcat", 45));
			Keywords.Add(new WeightedKeyword("server error", 70));
			Keywords.Add(new WeightedKeyword("internal server error", 80));
			Keywords.Add(new WeightedKeyword("exception", 80));
			Keywords.Add(new WeightedKeyword("java.lang", 80));
			Keywords.Add(new WeightedKeyword("error 500", 75));
			Keywords.Add(new WeightedKeyword("runtime error", 80));
			Keywords.Add(new WeightedKeyword("error occurred", 100));
			Keywords.Add(new WeightedKeyword("runtimeexception", 100));
			Keywords.Add(new WeightedKeyword("executing statement", 80));
			Keywords.Add(new WeightedKeyword("runtimeexception", 100));
			Keywords.Add(new WeightedKeyword("sqlexception", 110));
			Keywords.Add(new WeightedKeyword("stacktrace", 90));
			Keywords.Add(new WeightedKeyword("potentially dangerous", 80));
			Keywords.Add(new WeightedKeyword("NullPointerException", 90));
			Keywords.Add(new WeightedKeyword("org.apache", 90));
			Keywords.Add(new WeightedKeyword("error occured", 75));
			Keywords.Add(new WeightedKeyword("error report", 70));
			Keywords.Add(new WeightedKeyword("invalid", -45));
			Keywords.Add(new WeightedKeyword("incorrect", -45));
			Keywords.Add(new WeightedKeyword("missing", -40));
			Keywords.Add(new WeightedKeyword("wrong", -20));
		}

		public override void DoAnalysis()
		{
			base.DoAnalysis ();

			// If the page returned a 500 internal server error, this is a good mark for vulnerability
			if (this.ResponseCode < 500)
				this.AnalysisResult /= 8;
		}

	}
}
